callback

原创

jing537708 2012-12-01 11:57:36 ©著作权

©著作权归作者所有：来自51CTO博客作者jing537708的原创作品，请联系作者获取转载授权，否则将追究法律责任

PPP反向回拨
【实验目的】
配置拨号连接，配置和验证反向回拨。
【实验设备】
两台路由器1700，两个33.6Kbps Modern，程控交换机一台，两台PC
【实验拓扑】
【实验原理】
PPP反向回拨是LCP的一个选项，它采用的模型是Client/Server模型。该功能允许发起呼叫的路由器（即客户路由器）请求接收拨号连接的对端路由器（即Server路由器）进行回拨。反向回拨的主要目的是利用回拨这种特性来进行访问控制和节省路由器的长途呼叫费用以及统一计费。例如，如果从地区A呼叫地区B的长途电话费比从地区B呼叫地区A的费用贵的话，就可以让地区B的路由器反向回拨地区A的路由器，以节省长途电话费。
实现时，点对点链路两端的路由器都必须配置PPP反向回拨功能：其中一台路由器作为反向回拨的客户机，另一台作为反向回拨服务器。反向回拨客户机必须配置为能够发起PPP反向回拨请求，而反向回拨服务器必须被配置为能够接收PPP反向回拨请求并能发出返回拨叫。
回拨大致过程如下：由客户端发起呼叫并请求回拨，服务器端检查自己的配置，如果允许回拨则进行pap或chap认证。认证通过后，获得客户端的用户名，然后从自己的配置中识别出回拨号码，接着进行回拨。回拨过程中再进行相应的认证，如果回拨成功则链路up起来，如果不成功也不会再继续重试回拨。
No
自动选择协议pap或chap验证验证断掉连接
通过？
Yes
反向回拨挂断要求反向回拨
1
【实验内容】
1.配置单向拨叫
（1）Router B（中心路由器）的基本配置为：
B(config)# interface Serial0
B(config-if)# physical-layer async
B(config-if)#ip address 192.168.8.1 255.255.255.0
B(config-if)#encapsulation ppp
B(config-if)# async mode dedicated
配置line：
B(config)#line 1
B(config-if)#password cisco
B(config-if)#login
B(config-if)#modem InOut
B(config-if)#modem autoconfigure discovery
B(config-if)#transport input all
B(config-if)#stopbits 1
B(config-if)# speed 115200
B(config-if)#flowcontrol hardware
（2）Router A（远程节点路由器）的基本配置
A(config)#chat-script client ABORT ERROR "" "AT Z" OK "ATDT\T" TIMEOUT 30 CONNECT \c //注意空格和大小写
A(config)# interface Serial0
A(config-if)# physical-layer async
A(config-if)#encapsulation ppp
A(config-if)# dialer in-band
A(config-if)#ip address 192.168.8.3 255.255.255.0
A(config-if)# async mode dedicated
A(config-if)# dialer hold-queue 50 //定义在连接建立起来以前有多少数据包能进行排//队等待
A(config-if)# dialer map ip 192.168.8.1 name B modem-script client broadcast 88
//88为B区的电话号码，以实际的为准
A(config-if)# dialer-group 1
A(config)# dialer-list 1 protocol ip permit
A(config)#interface loopback 0
A(config-if)# ip address 192.168.1.1 255.255.255.0 //配置一个loopback端口便于反向telnet
//到modern上便于测试
配置line:
A(config)#line 1
A(config-if)#password cisco
A(config-if)#login
A(config-if)#modem InOut
2
A(config-if)#modem autoconfigure discovery
A(config-if)#transport input all
A(config-if)#stopbits 1
A(config-if)# speed 115200
A(config-if)#flowcontrol hardware
验证：
单向拨号成功后，可以用show line，debug modem来查看链路信息和拨叫连接过程。
2．配置pap或chap认证
（1）PAP认证
B(config)# interface Serial0
B(config-if)#encapsulation ppp
B(config-if)#ppp authentication pap
B(config-if)#ppp pap sent-username B password ciscoB
B(config)#username A password ciscoA
A(config)# interface Serial0
A(config-if)#encapsulation ppp
A(config-if)#ppp authentication pap
A(config-if)#ppp pap sent-username A password ciscoA
A(config)#username B password ciscoB
验证:可以用debug ppp authentication看pap认证过程。
（2）CHAP认证
B(config)# interface Serial0
B(config-if)#encapsulation ppp
B(config-if)#ppp authentication chap
B(config)#username A password cisco //username为对端的hostname，密码两边都相同
A(config)# interface Serial0
A(config-if)#encapsulation ppp
A(config-if)#ppp authentication chap
A(config)#username B password cisco //username为对端的hostname，密码两边都相同
3．配置反向回拨
B(config)#chat-script server ABORT ERROR "" "AT Z" OK "ATDT\T" TIMEOUT 30 CONNECT \c
B(config)# interface Serial0
B(config-if)# dialer in-band
3
B(config-if)# dialer hold-queue 50 //定义在连接建立起来以前有多少数据包能进行排队等待
B(config-if)# dialer-group 1
B(config)# dialer-list 1 protocol ip permit // 配置中心路由器B拨号的基本配置
在中心路由器上接受回拨请求：
B(config)# interface Serial0
B(config-if)#ppp callback accept
B(config-if)#exit
B(config)#map-class dialer dialback / /这个dialer类的名字
B(config-map-class)#dialer callback-server username //表明以根据拨号用户认证名和拨号映射重所规定的主机名来鉴别反向回拨客户的合法性
B(config-map-class)#exit
B(config)#int s0
B(config-if)# dialer map ip 192.168.8.3 name A class dialback modem-script server broadcast 87
//87为A区的电话号码,以实际的为准
//将dialback这个反向拨号类绑定在了这个dialer map上
远程路由器发出回拨请求
A(config)# interface Serial0
A(config-if)#ppp callback request
A(config-if)#exit
为了保证以太网段的可达性，配置两条静态/默认路由：
B(config)#ip route 192.168.216.0 255.255.255.0 192.168.8.3
A(config)#ip route 0.0.0.0 0.0.0.0 192.168.8.1
验证：用debug modem命令。
在远程路由器上和/或主机上ping中心路由器或主机，观察拨号过程：routerA发起呼叫，modern拨号成功后，链路up起来。很快中心路由器就会断掉该链路，然后反向回拨远程路由器A，建立一条由中心路由器发起的链路。
4
整个拨号过程的debug modem信息：
中心路由器B:
01:51:01: TTY1: DSR came up
01:51:01: Modem 0/0 Modi: switching to PPP mode
01:51:01: TTY1: no timer type 1 to destroy
01:51:01: TTY1: no timer type 0 to destroy
01:51:01: tty1: Modem: IDLE->(unknown)
01:51:03: Modem 0/0: PPP escape map: Tx map = FFFFFFFF, Rx map = 0
01:51:03: %LINK-3-UPDOWN: Interface Serial0, changed state to up
01:51:03: Modem 0/0: PPP escape map: Tx map = A0000, Rx map = 0
01:51:03: TTY1: Async Int reset: Dropping DTR
01:51:04: TTY1: DSR was dropped
01:51:04: tty1: Modem: READY->(unknown)
01:51:05: TTY1: dropping DTR, hanging up
01:51:05: tty1: Modem: HANGUP->(unknown)
01:51:05: %LINK-5-CHANGED: Interface Serial0, changed state to reset
01:51:06: TTY1: cleanup pending. Delaying DTR
01:51:07: TTY1: cleanup pending. Delaying DTR
01:51:08: TTY1: cleanup pending. Delaying DTR
01:51:08: Modem 0/0 Modi: switching to character mode
01:51:08: TTY1: no timer type 0 to destroy
01:51:08: TTY1: no timer type 1 to destroy
01:51:08: TTY1: no timer type 3 to destroy
01:51:08: TTY1: no timer type 4 to destroy
01:51:08: TTY1: no timer type 2 to destroy
01:51:08: Serial0: allowing modem_process to continue hangup
01:51:09: TTY1: restoring DTR
01:51:10: TTY1: autoconfigure probe started
01:51:10: %LINK-3-UPDOWN: Interface Serial0, changed state to down
01:51:20: CHAT1: Attempting async line dialer script
5
01:51:20: CHAT1: process started
01:51:20: CHAT1: Asserting DTR
01:51:38: Modem 0/0 Modi: switching to PPP mode
01:51:38: TTY1: no timer type 1 to destroy
01:51:38: TTY1: no timer type 0 to destroy
01:51:40: %LINK-3-UPDOWN: Interface Serial0, changed state to up
01:51:40: Modem 0/0: PPP escape map: Tx map = FFFFFFFF, Rx map = 0
01:51:40: Modem 0/0: PPP escape map: Tx map = A0000, Rx map = 0
01:51:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state
to up
B#show dialer interface s 0
Se0 - dialer type = IN-BAND ASYNC NO-PARITY
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is data link layer up
Dial reason: Callback return call
Time until disconnect 43 secs
Connected to 87 (A)
Dial String Successes Failures Last DNIS Last status
87 8 0 00:01:36 successful
120秒断掉链路：
01:53:41: TTY1: Async Int reset: Dropping DTR
01:53:41: TTY1: DSR was dropped
01:53:41: tty1: Modem: READY->(unknown)
01:53:42: TTY1: dropping DTR, hanging up
01:53:42: tty1: Modem: HANGUP->(unknown)
01:53:43: %LINK-5-CHANGED: Interface Serial0, changed state to reset
01:53:43: TTY1: cleanup pending. Delaying DTR
01:53:44: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state
to down
01:53:44: TTY1: cleanup pending. Delaying DTR
01:53:45: TTY1: cleanup pending. Delaying DTR
01:53:46: Modem 0/0 Modi: switching to character mode
01:53:46: TTY1: no timer type 0 to destroy
01:53:46: TTY1: no timer type 1 to destroy
01:53:46: TTY1: no timer type 3 to destroy
01:53:46: TTY1: no timer type 4 to destroy
01:53:46: TTY1: no timer type 2 to destroy
01:53:46: Serial0: allowing modem_process to continue hangup
01:53:46: TTY1: restoring DTR
01:53:48: TTY1: autoconfigure probe started
01:53:48: %LINK-3-UPDOWN: Interface Serial0, changed state to down
6
B#show dialer interface s0
Se0 - dialer type = IN-BAND ASYNC NO-PARITY
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
Dial String Successes Failures Last DNIS Last status
87 8 0 00:04:06 successful
7